I dont see any code to get the parameters into the variables 😕
I always use this (for security):
Class GetVars{
/ public: construct valid inputs from GET or POST variables
requires track_vars = on */
function getVars() {
global $HTTP_POST_VARS;
global $HTTP_GET_VARS;
$vars = count($HTTP_POST_VARS) > 0 ? $HTTP_POST_VARS :
(count($HTTP_GET_VARS) > 0 ? $HTTP_GET_VARS : array() );
$cleanvars = array();
reset($vars);
while( list($var, $value) = each($vars) ) {
$cleanvars[$var] = $this->validateInput($value);
}
return $cleanvars;
}
/ private: sanitise a single variable /
function validateInput($var) {
if (get_magic_quotes_gpc()) {
$var = stripslashes($var);
}
$var = strip_tags($var);
$var = htmlspecialchars($var);
$var = str_replace("\n", " ", $var);
$var = str_replace("\r", " ", $var);
$var = trim($var);
return $var;
}
}
